Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8EC70D902D5D11EE9C8690624AD9E6FC.roa
File: 8EC70D902D5D11EE9C8690624AD9E6FC.roa (raw, json)
Hash identifier: fcO+qbox370SztZPlNWelsf0zNaMnVRYCq4Ec3zyFzk=
Subject key identifier: E8:6B:49:51:E4:B0:2F:DF:2E:4A:D5:8F:A8:F6:A6:A4:58:EB:31:52
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 039E
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8EC70D902D5D11EE9C8690624AD9E6FC.roa
Signing time: Fri 28 Jul 2023 15:43:55 +0000
ROA not before: Fri 28 Jul 2023 15:43:51 +0000
ROA not after: Wed 31 Jul 2024 15:43:51 +0000
asID: 34549
IP address blocks: 102.177.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 926 (0x39e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Jul 28 15:43:51 2023 GMT
Not After : Jul 31 15:43:51 2024 GMT
Subject: CN=64c3e23a-9eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e4:62:13:91:56:30:d8:0e:9e:b9:ba:e4:13:
3d:bf:d2:b6:cb:91:9d:05:c3:44:94:eb:15:ad:a6:
f3:0c:b6:aa:d3:9f:2e:ad:30:40:33:cf:5b:f6:1e:
cf:75:6a:1c:5e:d1:45:06:f0:03:a7:8f:aa:3f:98:
c0:c5:5f:dc:91:60:65:d3:78:79:f8:f7:56:c4:d6:
1c:1f:3a:51:47:4d:ac:0e:6d:8d:74:a1:2f:9c:3b:
34:48:16:f0:e7:20:80:7f:0e:a1:fa:a4:1b:43:17:
51:a3:ba:20:7e:42:09:66:5e:d5:3f:53:c0:00:f8:
85:83:67:b4:45:b5:f0:fd:ef:c1:e7:88:33:6c:0a:
e9:3a:42:50:98:5c:9e:67:66:35:28:65:e2:2c:c7:
5c:9d:57:25:fd:17:2d:2e:7f:49:d9:bf:80:3e:95:
24:b5:05:ae:96:1e:1c:9f:ac:65:e0:ca:cc:08:e8:
bc:c9:c6:5d:53:ec:1d:ea:24:6c:07:85:96:a0:8c:
ac:a1:e0:6a:3d:48:cc:7d:3b:63:f8:22:ca:68:4f:
a7:fe:78:c0:a8:1d:ed:70:10:3b:56:f4:a3:47:6f:
c6:1a:b2:67:8a:b8:58:18:6a:23:0e:9b:c2:bd:c9:
59:52:1d:39:cc:68:bf:cd:11:3c:a8:b7:2f:63:2a:
6c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:6B:49:51:E4:B0:2F:DF:2E:4A:D5:8F:A8:F6:A6:A4:58:EB:31:52
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8EC70D902D5D11EE9C8690624AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.140.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:b4:9a:af:b4:c7:d4:ea:c9:1a:9a:51:d1:30:56:cb:8d:02:
5e:fe:48:71:24:3a:dd:a7:9e:a9:16:41:5e:2e:88:43:59:90:
70:46:6c:4b:8f:1f:91:e1:2a:3a:13:37:29:88:0b:9b:0d:fa:
7d:64:b1:25:b0:9c:3d:80:64:ef:79:bd:fd:df:50:07:4e:09:
06:84:16:8a:b3:33:08:84:d5:94:57:ee:0c:d2:9c:28:96:9e:
6b:ad:02:26:df:ac:f8:60:a1:bf:4d:00:61:0f:48:8d:6a:1b:
65:e7:9a:af:72:79:44:8c:2f:ba:22:f7:66:9e:46:15:6b:0a:
c7:63:22:b0:1a:04:69:31:74:48:b6:7f:8f:c5:76:3c:4d:82:
e0:0e:8d:cb:31:c5:f3:f3:7b:22:c9:36:cc:f3:aa:9a:4e:96:
06:c2:9c:1c:81:df:b5:d1:5d:d8:7a:b3:42:96:9a:29:e1:6f:
49:5b:20:be:31:f9:ed:75:de:c8:0e:c0:76:6f:f4:66:02:35:
92:c2:a0:c9:cb:d6:b5:00:a7:07:9d:13:58:75:1e:7b:e9:cf:
41:eb:e3:01:37:35:f7:67:69:6b:47:89:53:12:62:65:af:54:
34:32:50:24:3e:68:0e:37:b4:ed:bb:e2:43:fb:c6:fd:80:a9:
6b:23:ed:e3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA54wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yMzA3MjgxNTQzNTFaFw0yNDA3MzExNTQzNTFaMBgxFjAU
BgNVBAMTDTY0YzNlMjNhLTllYjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDX5GITkVYw2A6eubrkEz2/0rbLkZ0Fw0SU6xWtpvMMtqrTny6tMEAzz1v2
Hs91ahxe0UUG8AOnj6o/mMDFX9yRYGXTeHn491bE1hwfOlFHTawObY10oS+cOzRI
FvDnIIB/DqH6pBtDF1GjuiB+QglmXtU/U8AA+IWDZ7RFtfD978HniDNsCuk6QlCY
XJ5nZjUoZeIsx1ydVyX9Fy0uf0nZv4A+lSS1Ba6WHhyfrGXgyswI6LzJxl1T7B3q
JGwHhZagjKyh4Go9SMx9O2P4IspoT6f+eMCoHe1wEDtW9KNHb8YasmeKuFgYaiMO
m8K9yVlSHTnMaL/NETyoty9jKmxTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6GtJ
UeSwL98uStWPqPampFjrMVIwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzhFQzcwRDkwMkQ1RDExRUU5Qzg2OTA2MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsYwwDQYJKoZIhvcNAQEL
BQADggEBANC0mq+0x9TqyRqaUdEwVsuNAl7+SHEkOt2nnqkWQV4uiENZkHBGbEuP
H5HhKjoTNymIC5sN+n1ksSWwnD2AZO95vf3fUAdOCQaEFoqzMwiE1ZRX7gzSnCiW
nmutAibfrPhgob9NAGEPSI1qG2Xnmq9yeUSML7oi92aeRhVrCsdjIrAaBGkxdEi2
f4/FdjxNguAOjcsxxfPzeyLJNszzqppOlgbCnByB37XRXdh6s0KWminhb0lbIL4x
+e113sgOwHZv9GYCNZLCoMnL1rUApwedE1h1Hnvpz0Hr4wE3NfdnaWtHiVMSYmWv
VDQyUCQ+aA43tO274kP7xv2AqWsj7eM=
-----END CERTIFICATE-----
Generated at Thu Aug 1 04:29:55 2024 by rpki-client on console-ams.rpki-client.org